[gnutls-devel] [sr #108343] gnutls 3.2.2 breaks tls decryption: "Decryption has failed."
n.mavrogiannopoulos at gmail.com
Wed Jul 24 18:42:47 CEST 2013
On 07/24/2013 09:56 AM, Afri Qhdoe wrote:
> An upgrade of gnutls to 3.2.2 breaks pretty much everything that uses TLS. I'm
> using archlinux. I discovered this issue using weechat, telling me:
>> irc: reading data on socket: error -24 Decryption has failed.
> The guys at #weechat told me there are more people complaining and it's a
> gnutls issue. see http://unix.stackexchange.com/q/84083/19062
> downgrading gnutls "fixes" this. could you please look into it?
Well, I'd need to be able to reproduce it and, as I previously
mentioned, there seems to be no easy way to do that.
> Related broken projects:
> - epiphany https://bugs.archlinux.org/task/36207
> - webkit https://bugs.archlinux.org/task/36212
>> Error reading data from TLS socket: Decryption has failed.
> This bug was poorly reported on the mailing list some days ago (it looked like
> a connection error). Yet, I'm trying to do better but I'm sorry I don't know
> how to provide a better back trace or something. Maybe you can guide me? I
> tried to attach gnutls-cli or weechat to gdb but without success of extracting
> the error message.
Using gdb wouldn't help much. The best would be to download the gnutls
git repository, compile it, and then use git-bisect to find the exact
commit that causes the problem. A way to use bisect is shown in 
(binary search section). The known to work tag is gnutls_3_2_1.
More information about the Gnutls-devel